The use of encryption to protect sensitive data is well-known. A variety of encryption algorithms exist described in texts such as described in Andrew S. Tanenbaum, Computer Networks 724-71 (4th ed. 2003). In order to decrypt encrypted data, one must possess one or more pieces of information such as an encryption key, the encryption algorithm, and an initialization vector (IV). While such data may be kept in repositories, including electronic repositories such as hardware security modules, the movement and decryption of sensitive data still proves challenging as data is moved within an enterprise and beyond.
Moreover, there is a business need for a middle-ground between encryption and clear-text data. The same encryption that prevents human eyes and untrusted systems and from reading sensitive data can also hamper trusted or semi-trusted systems, applications, which have a business need to review or operate on the data.